Is Mint.com Really Secure?
August 25, 2012 5:45 PM   Subscribe

This comment from the other thread still rings true:
"Also, FWIW, Mint doesn't actually allow you to move/spend money. It will let you view your accounts, but not do anything. If you want to write a check or make a transfer, you have to do it through your bank."

You can't touch the money or do anything with it. You can't charge anything. Make sure your passwords are all unique, and secure, and I don't think I would worry too much. (I've been using Mint for 2 years)
posted by getawaysticks at 5:50 PM on August 25, 2012

Mint is owned by Intuit now. It's security ought to be as good as any of the major banks. Whether or not that is an endorsement is debatable.
posted by COD at 6:00 PM on August 25, 2012

Ha! That original question was mine. And I just saw this through random happen-stance.

...We still don't use Mint. Mostly because two more years of marriage have taught me important lessons on picking and choosing battles.

but not because i don't think it's a good idea.
posted by kbanas at 6:34 PM on August 25, 2012 [1 favorite]

Some banks will ask things like what the dollar amount of your recent debit transaction at store x was to do so-called "verification" of your identity for password resets.

So they can't touch the money through Mint, but it might help someone touch the money through your bank.

As it's a relative telling you this, you might want to consider the possibility that they know of someone in your family who might be likely to attempt that sort of thing, and are trying to encourage you to protect yourself.
posted by yohko at 8:33 PM on August 25, 2012

To use Mint.com’s money tracking services, you need to enter your bank account user names and passwords. Your bank will almost certainly state in their terms and conditions that you must keep the password private and not share it with anyone including aggregation services like Mint.
So should some money mysteriously go missing from your account, and the bank finds out you use Mint they could potentially use that as a breach of the T&C and refuse to reverse the transaction or compensate you for the lost money.

There doesn't have to be a security problem at Mint for this to become an issue, if you want to dispute a charge the question should not be "How much do I trust Mint.com" but rather "Will this bank use any excuse to avoid doing the right thing." A lot of banks don't have a great track record in this area.
posted by Lanark at 4:32 AM on August 26, 2012

I would not share my bank PIN with any service. It's not Mint.com specifically that I don't trust, it's that hackers are just so good at what they do, and I don't trust web security.
posted by theora55 at 8:31 AM on August 26, 2012

You can't touch the money or do anything with it. You can't charge anything.

Mint has your bank passwords. Those passwords, if compromised, would allow an attacker to touch the money. Even with the best security practices, Mint needs to have your password in plaintext in order to update your balance information. If a hacker were to breach Mint's systems, you would be in trouble, but there isn't much damage they could do by only hacking your account (i.e., by guessing your password).


a) hackable
b) insecure to begin with
c) an overall security risk to all my assets and accounts


a) Meh. Everything is hackable. Good security practices make it much more difficult. This mostly entails patching vulnerabilities as soon as they are discovered. I think it is safe to assume that Mint understands this.

b) No more intrinsically insecure than other online services.

c) Yes. But you can argue that the convenience outweighs the risk. The risk is not huge.
posted by qxntpqbbbqxl at 9:15 AM on August 26, 2012

Perhaps the most infuriating part about Mint is that there's no reason it should be this way. Some banks allow you to give API keys to grant Mint access. This has multiple benefits:

1. The keys could be limited to Mint's IP range.
2. This separates authentication from authorization; the credentials you grant mint could be limited to read only transactions.
3. Your online banking password is never disclosed to Mint.
4. No fraud can be claimed as a result of this action.
5. You can revoke Mint's access to your transaction history without changing your own password, or screwing up other software's access.
6. Fuck, you don't even need to do anything other than click a box that says "grant Mint.com read-only access" if implemented properly. Mint can publish their API pubkey, your bank can whitelist it, and problem solved.

Granted, Mint has no control over the way your bank operates, and whether it supports this mode.

So anyways, in practice, Mint.com hasn't been hacked yet. Partially it's just a function of economics: there are a bazillion easier ways to hack your banking information, and they've invested in making themselves a harder target to break. I kinda suspect a good security team could break them, but the legal shitstorm you'd unleash by attempting to publish findings would be problematic to cope with.
posted by pwnguin at 12:20 PM on August 26, 2012 [1 favorite]

Here is a description straight from a Mint engineer about their safeguards. Since you and I are not crypto experts, it comes down to whether or not you trust them to treat your info as carefully as you would. In my mind, using mint is at least as safe as using your own bank's website; while everything is hackable in theory, they've done a pretty good job of maximizing security and minimizing the possible harm that could occur even if security were breached.

(pwnguin, that would be lovely indeed, if you could convince several thousand financial institutions to all implement a decent API! the key to user adoption of a service like mint is "does your service support my bank?" and sadly not "does my bank support your service?")
posted by Chris4d at 11:08 AM on August 27, 2012

(pwnguin, that would be lovely indeed, if you could convince several thousand financial institutions to all implement a decent API!

They already do, it's called OFX. Which was designed by Intuit and Microsoft, and is basically what Quicken and GNUCash uses to pull in txn data. All the banks need to do is properly instrument their authentication and authorization to allow read only access into these systems.
posted by pwnguin at 1:43 PM on August 27, 2012